General

Target: nozomi.exe
Size: 3.6MB
Sample: 240923-zdc8satdrf
MD5: 7dc85e203f978618abeca0f1533fcfd9
SHA1: fb254f5df3d0ffe42b910afa33c3cc36f2fd00a4
SHA256: 860f82416c505a7938a5e51e784bfe4e021b5f0f3487883d5e941c22d2844f7e
SHA512: 61dc510ce975ca2f705fe7358a9a9bded55d31b5868c37fe2b024db0902fb040ed4d2bb3ee974db8de543e72b40927784ce852367ac7d4ff41c129d4879a8112
SSDEEP: 49152:XnAQqMSPbcBV5RdhnvxJM0H9PAMEcaEau3R8yAH1plAHI:XDqPoBZdhvxWa9P593R8yAVp2HI

Static task: static1

Behavioral task: behavioral1
Sample: nozomi.exe
Resource: win7-20240903-en

Behavioral task: behavioral2
Sample: nozomi.exe
Resource: win10v2004-20240802-en

Malware Config
Targets
Target: nozomi.exe
Score: 10/10

Contacts a large (3073) amount of remote hosts
This may indicate a network scan to discover remotely running services.

Executes dropped EXE

Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.

Drops file in System32 directory